﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;


namespace AccesoADatos
{
    public class LoginDAO
    {

        public static bool existe(string user, string pass)
        {
            bool aux = true;

            SqlConnection cn = new SqlConnection();
            cn.ConnectionString = ConfigurationManager.ConnectionStrings["TODO_SUSPENSION"].ConnectionString;
            cn.Open();

            SqlCommand cmd = new SqlCommand();
            cmd.Connection = cn;

            cmd.CommandText = "select user_name from USUARIO where user_name = @paramUser and pass = @paramPass";
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.AddWithValue("@paramUser", user);
            cmd.Parameters.AddWithValue("@paramPass", pass);
            SqlDataReader dr = cmd.ExecuteReader();

            aux = dr.Read();

            cn.Close();

            return aux;
        }

        public static string tipoUsuario(string user)
        {
            string tipoUsu = "";
            SqlConnection cn = new SqlConnection();
            cn.ConnectionString = ConfigurationManager.ConnectionStrings["TODO_SUSPENSION"].ConnectionString;
            cn.Open();

            SqlCommand cmd = new SqlCommand();
            cmd.Connection = cn;
            cmd.CommandText = "SELECT p.descripcion FROM ESTADO_USUARIO e,USUARIO u, PERMISOS p WHERE u.id_estado_usuario=e.id_estado_usuario and u.id_permiso=p.id_permiso and e.descripcion='habilitado' and u.user_name=@paramUser";
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.AddWithValue("@paramUser", user);
            SqlDataReader dr = cmd.ExecuteReader();

            if (dr.Read())
            {
                tipoUsu = dr["descripcion"].ToString();
            }
            cn.Close();

            return tipoUsu;
        }

        public static string usuario(string user, string pass)
        {
            string usu = "";
            SqlConnection cn = new SqlConnection();
            cn.ConnectionString = ConfigurationManager.ConnectionStrings["TODO_SUSPENSION"].ConnectionString;
            SqlCommand cmd = new SqlCommand();

            cmd.Connection = cn;
            cn.Open();
            cmd.CommandText = "select nombre, apellido, user_name from USUARIO where user_name = @paramUser and pass = @paramPass";

            cmd.Parameters.AddWithValue("@paramUser", user);
            cmd.Parameters.AddWithValue("@paramPass", pass);

            cmd.CommandType = CommandType.Text;
            SqlDataReader dr = cmd.ExecuteReader();
            if (dr.Read())
            {
                usu = dr["user_name"].ToString();
            }
            cn.Close();

            return usu;
        }

        public static int idUsuario(string user, string pass)
        {
            int usu = 0;
            SqlConnection cn = new SqlConnection();
            cn.ConnectionString = ConfigurationManager.ConnectionStrings["TODO_SUSPENSION"].ConnectionString;
            SqlCommand cmd = new SqlCommand();

            cmd.Connection = cn;
            cn.Open();
            cmd.CommandText = "select id_usuario from USUARIO where user_name = @paramUser and pass = @paramPass";

            cmd.Parameters.AddWithValue("@paramUser", user);
            cmd.Parameters.AddWithValue("@paramPass", pass);

            cmd.CommandType = CommandType.Text;
            SqlDataReader dr = cmd.ExecuteReader();
            if (dr.Read())
            {
                usu = int.Parse(dr["id_usuario"].ToString());
            }
            cn.Close();

            return usu;
        }
    }
}
